On Fri, Aug 16, 2024 at 10:28 AM Tero Kivinen <kivi...@iki.fi> wrote:
> Paul Wouters writes: > > > On the other hand I do think Group 14 is something that most likely > > > needs to be updated... > > > > Yes, some standards like PCI are sun setting finite field DH. The > > question is what to make the new MTI, a NIST curve or a non-NIST > > curve (or both). My guess would be to pick P256 or P384 with > > Curve25519. > > We already have group 19 (256-bit Random ECP Group, aka P-256) as > SHOULD, so picking that would be logical. > TLS has p256, p384, 25519 and 448 as the only MTI. I think we should also offer a NIST and non-NIST MTI. So I would either pick these four, or p256/25519 only. Paul
_______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
